Extended instant guest access using near field communication tags

ABSTRACT

A method of extending user access to a guest in a building space in a building system including at least one of a cloud computing environment and a control device associated with the building system to execute the method. The method includes receiving a request for access to a building space, the request associated with providing access to the building space for the guest, the request including a unique identifier associated with the building space, notifying a user associated with the building space of the request and requesting an authorization to provide the access to the building space, and receiving an authorization from the user associated with permitting the guest access to the building space associated with the unique identifier. The method also includes transmitting the authorization to the guest and permitting access to the building space associated with the unique identifier based on the authorization.

CROSS-REFERENCE TO RELATED APPLICATIONS

This counterpart application claims the benefit of India Application No.201711033283 filed Sep. 20, 2017, which is incorporated herein byreference in its entirety.

TECHNICAL FIELD

Embodiments relate generally to applications for use and access to abuilding space protected by a lock. More particularly, to registrationand identification of a user and a second user and providing a seconduser access to the building space.

DESCRIPTION OF RELATED ART

In the hospitality industry, enhancing customer satisfaction is apriority. Faced with increased industry competition, many hoteloperators are looking for smarter ways to maximize customersatisfaction, improve customer services, and generate more revenue fromtheir properties. Expanding how hotel customers access availableservices has proven to be a successful strategy for many hotels. Suchservices may include reserving a room, reserving a taxi, reserving aconference room, selecting from digital content available via atelevision, reserving a game room or game console, making a spaappointment, ordering food, making travel reservations, reserving ahospitality suite, requesting room service, or a combination thereof.

By way of a non-limiting example, electronic devices such astelevisions, controllers user computers, user mobile devices, tablets,and the like play an important role in providing interfaces andimplementing services for guests. Likewise such devices facilitateproviding such services and generating revenues. Users are increasinglyusing a variety of apps on their personal mobile devices to accessbuilding spaces, define preferences, investigate, request, pay for andreceive services. However, such services may require a different app foreach service requested which can become cumbersome and burdensome.

To gain access or receive services, particularly in a hospitalityenvironment, hotel guests or residents in multiple residence propertiesgenerally use keys or keycards. Typically, when a patron checks into ahotel property, they are given a key or keycard to access their room,and possibly elevators, and other facilities such as the pool or gym. Inthe case of the keycard, the magnetic strip or RFID chip on the card iswritten by the hotel's front desk to include the patron's room, andcheck-in and check-out dates. Additionally, the key may include otherinformation about the patron, including other access privileges.Unfortunately a keycard based security system typically requires that apatron check-in at the front desk upon arrival to be issued theirkeycard. The front desk must spend time and effort to program keycardsfor each patron, and likewise must spend efforts to retrieve and reusekeycards after a patron's visit.

In recent years, near field communication (NFC) was developed. NFC worksonly in the range of a few inches. NFC is a set of standards forsmartphones, and other mobile devices, such as tablet computers and MP3players, to establish radio communication with each other by bringingthem into close proximity. Not only can NFC active devices communicatewith each other, communication is also possible between an NFC deviceand an unpowered NFC chip, called an NFC tag employing well establishstandards.

A long-time goal of the hospitality industry has been a way for gueststo bypass the front desk and go directly to their assigned room atcheck-in. Further, it would be advantageous to provide ways for gueststo enable access to the building space when remote or to enable accessfor third parties with selected credentials. Likewise, in the vacationrental market, there is a similar problem in that there is no front deskor other onsite staff available to greet the renter. Keys are sometimesleft under the mat, or with a neighbor. In both cases, there is a needfor a system which uses a device already in the possession of theprospective guest or renter, which can be programmed remotely with guestinformation, and which maintains the security of keys or keycards.

BRIEF SUMMARY

Described herein in an embodiment is a method of extending user accessto a guest in a building space in a building system including at leastone of a cloud computing environment and a control device associatedwith the building system to execute the method. The method includesreceiving a request for access to a building space, the requestassociated with providing access to the building space for the guest,the request including a unique identifier associated with the buildingspace, notifying a user associated with the building space of therequest and requesting an authorization to provide the access to thebuilding space, and receiving an authorization from the user associatedwith permitting the guest access to the building space associated withthe unique identifier. The method also includes transmitting theauthorization to the guest and permitting access to the building spaceassociated with the unique identifier based on the authorization.

In addition to one or more of the features described above, or as analternative, further embodiments may include communicating with an appexecuting on a first user device configured to permit a user topreselect desired access rights associated with at least one of a guestand the building space.

In addition to one or more of the features described above, or as analternative, further embodiments may include communicating with an appexecuting on a second user device configured to permit a guest tocommunicate credential information with the request.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the request is made bycommunicating from a communication device to the second user device.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the communicatingincludes the unique identifier for the communication device associatedwith the building space.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the communicationdevice is a Near Field Communication (NFC) device.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the notifying includesthe at least one of the cloud computing environment associated with thebuilding system and the control device associated with the buildingsystem, communicating with a least the first user device, thecommunicating including identification of at least one of the guest andthe building space.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the authorizationincludes constraints on access permissions of the guest.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the constraints arebased on at least one of the input of the user and the constraints onthe user from the building system.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the building system isa hotel and the building space is an access controlled space in thehotel.

In addition to one or more of the features described above, or as analternative, further embodiments may include providing a notification tothe user via the user device regarding the access of the guest to thebuilding space.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the receiving arequest includes a communication device communicating with at least oneof a cloud computing environment associated with the building system, acontrol device associated with the building system, and a user device ofthe guest, the communicating including the unique identifier andinformation associated with the building space in the building system,and wherein the building system employs the unique identifier toidentify the building space to which access is desired.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the request for accessincludes presenting a credential of the guest for authentication.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the credentialincludes at least one of an identification of the guest anidentification of the user device of the guest, an identification of thecontrol device associated with the building space in the buildingsystem, a biometric, and a password.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the authorizationfurther includes at least one of a cloud computing environment and acontrol device associated with the building system authenticating thecredential and communicating an indicia of authentication to the userdevice of the guest.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the indicia ofauthentication is at least one of a message, a token, a digitalcertificate, and a password.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the authenticatingincludes validating a biometric.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the cloud computingenvironment and controller associated with the building system includesa local server.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the building system isat least one of a security system, access control system, and a vehicleand the control device is a lock.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the permitting accessto the building space includes communicating information associated withthe authentication to a controller associated with the building space inthe building system.

In addition to one or more of the features described above, or as analternative, further embodiments may include that the informationassociated with the authentication includes permissions associated withthe permitting, the permissions including at least one of a durationassociated with the permitting control, limitations on controllablefeatures of the control of the selected controllable device, andoperational parameters of the second building system to be controlled.

Also described herein in an embodiment is a system for permitting guestaccess to a building space in a building system. The system includes abuilding system having a building space associated therewith, thebuilding system includes at least one of a controller associated withthe building system and a cloud computing environment associated withthe building system, and at least one communication device in operablecommunication with the user device of a guest, the at least onecommunication device associated with a unique identifier. The buildingsystem includes an application configured to be executed on a userdevice in operable communication with the at least one of the controllerassociated with the building system and the cloud computing environmentassociated with the building system, the user device executing theapplication facilitating authorizing access to a selected building spacein the building system and configured to communicate a request foraccess to the at least one of the controller associated with thebuilding system and the cloud computing environment associated with thebuilding system, where at least one of the controller associated withthe building system and the cloud computing environment associated withthe building system are configured to execute a method of providingguest access to a building space. The method includes notifying a userassociated with the building space of the request and requesting anauthorization to provide the access to the building space, receiving anauthorization from the user associated with permitting the guest accessto the building space associated with the unique identifier,transmitting the authorization to the guest, and permitting access tothe building space associated with the unique identifier based on theauthorization.

Also described herein in yet another embodiment is a system forpermitting guest access to a building space associated with a buildingsystem controlled by a user having an access control system, the accesscontrol system including at least one of a cloud computing environmentassociated with the building system and a control device associated withthe building system. The system includes means for receiving a requestfor access to the building space, the request associated with providingaccess to the building space for the guest, the request including aunique identifier associated with the building space, means fornotifying the user associated with the building space of the request andrequesting an authorization to provide the access to the building space,and means for receiving an authorization from the user associated withpermitting the guest access to the building space associated with theunique identifier. The system also includes means for transmitting theauthorization to the guest and means for permitting access to thebuilding space associated with the unique identifier based on theauthorization.

Additional features and advantages are realized through the techniquesof the present disclosure. Other embodiments and aspects of thedisclosure are described in detail herein. For a better understanding ofthe disclosure with the advantages and the features, refer to thedescription and to the drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

The subject matter which is regarded of the described embodiments isparticularly pointed out and distinctly claimed in the claims at theconclusion of the specification. The foregoing and other features, andadvantages of the described embodiments are apparent from the followingdetailed description taken in conjunction with the accompanying drawingsin which:

FIG. 1 depicts a simplified diagrammatic view of the system andinterfaces for implementing the methodology of extended key access usingNFC tags in accordance with an embodiment;

FIG. 2 is a depiction of a cloud computing environment as may beemployed in accordance with an embodiment;

FIG. 3 depicts a simplified block diagram of a computing system as maybe implemented in a user device in accordance with an embodiment; and

FIG. 4 depicts a flowchart of an example method of extending key accessto a building space for a guest in a building system in accordance withan embodiment.

DETAILED DESCRIPTION

For the purposes of promoting an understanding of the principles of thepresent disclosure, reference will now be made to the embodimentsillustrated in the drawings, and specific language will be used todescribe the same. It will nevertheless be understood that no limitationof the scope of this disclosure is thereby intended. The followingdescription is merely illustrative in nature and is not intended tolimit the present disclosure, its application or uses. It should beunderstood that throughout the drawings, corresponding referencenumerals indicate like or corresponding parts and features. As usedherein, the term controller refers to processing circuitry that mayinclude an application specific integrated circuit (ASIC), an electroniccircuit, an electronic processor (shared, dedicated, or group) andmemory that executes one or more software or firmware programs, acombinational logic circuit, and/or other suitable interfaces andcomponents that provide the described functionality.

Additionally, the term “exemplary” is used herein to mean “serving as anexample, instance or illustration.” Any embodiment or design describedherein as “exemplary” is not necessarily to be construed as preferred oradvantageous over other embodiments or designs. The terms “at least one”and “one or more” are understood to include any integer number greaterthan or equal to one, i.e. one, two, three, four, etc. The terms “aplurality” are understood to include any integer number greater than orequal to two, i.e. two, three, four, five, etc. The term “connection”can include an indirect “connection” and a direct “connection”.

As shown and described herein, various features of the disclosure willbe presented. Various embodiments may have the same or similar featuresand thus the same or similar features may be labeled with the samereference numeral, but preceded by a different first number indicatingthe figure to which the feature is shown. Thus, for example, element “a”that is shown in Figure X may be labeled “Xa” and a similar feature inFigure Z may be labeled “Za.” Although similar reference numbers may beused in a generic sense, various embodiments will be described andvarious features may include changes, alterations, modifications, etc.as will be appreciated by those of skill in the art, whether explicitlydescribed or otherwise would be appreciated by those of skill in theart.

Embodiments related to a method requesting, permitting and grantingpermissions to a person to access a building space, e.g., a controlledspace such as a room where the request for access is immediate, theperson “requestor” requesting access may not be known, at leastinitially prior to the request, and a user who grants access may notnecessarily be in the controlled building space at the time of therequest for access. The user may be a hotel guest or a person who iscurrently in control of the space, even for a short time period, forexample during a hotel stay. And, for example, the requestor may be aperson seeking access to the user's hotel room to provide a service suchas making a delivery. Further, the requestor may access the space viaone or more NFC enabled communication devices or cards. Another featureof the described embodiments is to enable hospitality and (B2B)industries to provide services/facilitate access for services providersfor the user, potentially in advance of their arrival or without theirpresence. In addition, building space staff, e.g., hotel management orstaff, or a person requesting access may do so without a physicalinterruption as would typically be required today, for example to answera door.

Referring now to the drawings, FIG. 1 illustrates a diagrammaticoverview of a system 10 for extended instant key access using NFC tagsin a system 10 in a business environment, in particular, for example, ahospitality environment. In an embodiment the system 10 includes abuilding system 20 associated with a first building space 22. Forexample, an office or room in a hotel, conference room, recreationalvehicle, car, and the like, or any other building space 22 that may beaccess controlled. In application, this building space 22 would be onethat the user 12 e.g., a hotel patron, employs occasionally or perhapseven only once. For example, the building space 22 may be an officespace or hotel room having a security system or access control system,e.g. lock system securing an access point 30, e.g., a door, gate and thelike, hereinafter referred to as a door 30 for simplicity. In anembodiment the access point 30 is a room door in a hotel and the accessis controlled by a lock 32. Each of these building systems 20 mayinclude a controller 24 that is employed to interface to the buildingsystem 22 and execute processes to control the building system 20. In anembodiment, the controller 24 may be the lock 32. In another embodiment,the controller 24 may include a local or remote server that operates asthe controller 24 for the building system 20. In addition, some, or allof the functionality provided by the controller 24 to control thebuilding system 20 may be based on methods and processes executedremotely such as on a local or remote server or cloud computingenvironment 26. As will be appreciated the cloud computing environment26 could include a local or remote server, or the system 20 and cloudcomputing environment 26 could be entirely remote. The building system20 may also include a local and remote communication network and system,shown generally as 28 for facilitating communication and control ofvarious features in the building system 20 as well as for facilitatingcommunication between a user device 25, controller 24, and the server orcloud computing environment 26. Likewise, the building system 20 mayalso include an application (app) 29 operable on the user device 25,that permits and facilitates the user to enter and receive informationand for user device 25 to communicate with, interface with, and controlselected aspects of building system 20. The app 29 and the user device25 may include a user interface 27 to enable the user 12 to interfacewith the user device 25 and the app 29 being executed thereon. In anembodiment, the app 29 may be employed by the user 12, for example tofacilitate user authentication and access permissions to the buildingsystem 20. The app 29 may also facilitate establishing user preferencesassociated with the building system 20, and more particularly thebuilding space 22 (e.g. facility or room).

Cloud computing is a widely adopted and evolving concept. Generally,cloud computing refers to a model for enabling ubiquitous, convenient,and on-demand access via Internet to shared pools of configurablecomputing resources such as networks, servers, storages, applications,functionalities, and the like. There are a number of benefits associatedwith cloud computing for both the providers of the computing resourcesand their customers. For example, customers may develop and deployvarious business applications on a cloud infrastructure supplied by acloud provider without the cost and complexity to procure and manage thehardware and software necessary to execute the applications. Thecustomers do not need to manage or control the underlying cloudinfrastructure, e.g., including network, servers, operating systems,storage, etc., but still have control over the deployed applications. Onthe other hand, the provider's computing resources are available toprovide multiple customers with different physical and virtual resourcesdynamically assigned and reassigned according to clients' load. Further,cloud resources and applications are accessible via the Internet.

Referring now to FIG. 2, an illustrative cloud computing environment 26is depicted. As shown, cloud computing environment includes one or morecloud computing nodes, such as communication nodes or servers 26 (FIG.1), with which computing devices and controllers 14 a-e may communicate.Cloud computing nodes 26 may communicate with one another and/or begrouped (not shown) physically or virtually, in one or more networks,such as Private, Community, Public, or Hybrid clouds, or in one or morecombinations thereof. This allows cloud computing environment to offerinfrastructure, platforms and/or software as services for which a cloudconsumer does not need to maintain or minimize resources at a localcomputing device level. It is understood that the types of computingdevices 14 shown in FIG. 2 are intended to be illustrative only and thatcomputing nodes such as 26 and cloud computing environment cancommunicate with any type of computerized device over any type ofnetwork and/or network addressable connection (e.g., using a webbrowser).

The computing devices 14 a-e such as user device 25 may be any form of amobile device (e.g., smart phone, smart watch, wearable technology,laptop, tablet, etc.). The user device 25 can include several types ofdevices, in one instance, even a fixed device, e.g. a keypad/touchscreen affixed to a wall in a building corridor/lobby, such as buildingsystem controllers 24. In other words, the controller 24 and the userdevice 25 can all be computing devices 14 a-e. It should be appreciatedthat the system controllers 24 are typically part of the installedbuilding system infrastructure, while the third user device 25 istypically owned and used by the user, service man, homeowner, and thelike. The term “user device” 25 is used to denote all of these types ofdevices as may be employed by the user for the purposes of communicationwith the building system 20. It should be appreciated that in someinstances a user device 25 or the controller 24 are proximate to thesystem(s) 20, for example, a thermostat or system control unit, inothers they are mobile for example, a car, PDA, or movable kiosk. Forexample, in an embodiment, the computing devices could be, a personaldigital assistant (PDA) or cellular telephone tablet 14 a, such as userdevice 25, desktop computer/terminal/server 14 b, laptop computer 14 c,a vehicle 14 d, or a security or access control panel/HVAC thermostat 14e, such as controller 24. Computing devices 14 a-e may also beconfigured to communicate with each other or a variety of sensors 16.The communication with other computing devices 14 a-e or sensors 16could be wired or wireless as needed. The computing devices 14 a-e aregenerally connected to and with a communication network, such ascommunication network 28 such as local area network (LAN), wide areanetwork (WAN) or cellular, and the like, to facilitate communicationwith and between computing devices or controllers 14 a-e and the cloudcomputing nodes 26 as will be described further below.

The computing devices, 14 a-e such as user device 25, as well as othercomponents of the system 20 including building system controller 24 cancommunicate with one another, in accordance with the embodiments of thepresent disclosure, e.g., as shown in FIG. 1. For example, one or moreuser devices 25 and controller 24 may communicate with one another whenproximate to one another (e.g., within a threshold distance). The userdevice 25 and controller 24 may communicate over one or more networks28, (e.g., a communication bus) that may be wired or wireless. Wirelesscommunication networks can include, but are not limited to, Wi-Fi,short-range radio (e.g., Bluetooth®), near-field (NFC), infrared,cellular network, etc. In some embodiments, controller 24 may include,or be associated with (e.g., communicatively coupled to) one or moreother networked building elements (not shown), such as computers,beacons, other system controllers, bridges, routers, network nodes, etc.The networked elements may also communicate directly or indirectly withthe user devices 25 using one or more communication protocols orstandards (e.g., through the network 28). For example, the networkedelement such as tag 40 may communicate with the user device 25 usingnear-field communications (NFC) and thus enable communication betweenthe user device 25 and building system control unit 24, or any othercomponents in the system 10 when in close proximity to the user device25 (NFC is a short range wireless protocol). Or, for example, thenetworked element 40 may communicate with the user device 25 usingBluetooth and thus communicate a unique id and enable communicationbetween the user device 25 and building system control unit 24 or anyother components in the system 10 from a further distance. The network28 may be any type of known communication network including, but notlimited to, a wide area network (WAN), a local area network (LAN), aglobal network (e.g. Internet), a virtual private network (VPN), a cloudnetwork, and an intranet. The network 28 may be implemented using awireless network or any kind of physical network implementation known inthe art. The user devices 25 and/or the computing devices may be coupledto the controller 24, through multiple networks (e.g., cellular andInternet) so that not all user devices 25 and/or the computing devicesare coupled to the any given controller 24 or component through the samenetwork 28. One or more of the user devices 25 and the controller 24 maybe connected in a wireless fashion. In one non-limiting embodiment, thenetwork 28 is the Internet and one or more of the user devices 25executes a user interface application (e.g. a web browser, mobile app)to contact and communicate with the system's controller 24, through thenetwork 28.

Referring to FIG. 3, the computing devices 14 a-e, including user device25 and controller 24, may include a processing system including aprocessor, memory, and communication module(s), as needed to facilitateoperation and interfacing with various components and elements of thebuilding system(s) 20. In one embodiment, the computing devices 14 a-e,including user device 25 and controllers 24 each may include a computingsystem 100 having a computer program stored on nonvolatile memory toexecute instructions via a microprocessor related to aspects ofcommunicating and controlling a building system(s) 20 and in particularexecuting a method for utilizing user preferences for requestingservices in the building system 20 as described further herein.

In an embodiment, the computing system 100 has one or more processingunits (processors) 101 a, 101 b, 101 c, etc. (collectively orgenerically referred to as processor(s) 101). The processor 101 can beany type or combination of computer processors, such as amicroprocessor, microcontroller, digital signal processor, applicationspecific integrated circuit, programmable logic device, and/or fieldprogrammable gate array. As is conventionally done, the processors 101are coupled to system memory 114 and various other components via asystem bus 113. The memory can be a non-transitory computer readablestorage medium tangibly embodied in the user including executableinstructions stored therein, for instance, as firmware. Read only memory(ROM) 102 is coupled to the system bus 113 and may include a basicoperating system, which controls certain basic functions of system 100.Random Access Memory (RAM) 114 is also coupled to the system bus 113 andmay include a basic storage space to facilitate program execution.

FIG. 3 further depicts an input/output (I/O) adapter 107 and a networkadapter 106 coupled to the system bus 113. I/O adapter 107 communicateswith hard disk 103 and/or solid state storage 105 or any other similarcomponent. I/O adapter 107, hard disk 103, and solid state storage 105are collectively referred to herein as mass storage 104. As isconventionally done an operating system 120 for execution on theprocessing system 100 may be stored in mass storage 104. A networkadapter 106 interconnects bus 113 with an outside network 116 such asand including communications network 28 and the like, enabling computingsystem 100 to communicate with other such systems. The network adapter106 may implement one or more communication protocols as described infurther detail herein, and may include features to enable wired orwireless communication with external and/or remote devices separate fromthe user device 25. The computing device 14 a-e including the userdevice 25 and controller 24 may further include a user interface, showngenerally as 27, e.g., a display screen, a microphone, speakers, inputelements such as a keyboard 109 or touch screen, etc. as shown in FIG.3) as known in the art. A screen (e.g., a display monitor) 115 isconnected to system bus 113 by display adaptor 112, which may include agraphics adapter and a video controller. A keyboard 109, mouse 110, andspeaker 111 all interconnected to bus 113 via user interface adapter108. It should be appreciated that in some embodiments some or all ofthese elements of the computing system 100 may be integrated. In oneembodiment, adapters 107, 106, and 112 may be connected to one or moreI/O busses that are connected to system bus 113 via an intermediate busbridge (not shown). Suitable I/O buses for connecting peripheral devicesmay also be employed Additional input/output devices are shown asconnected to system bus 113 via user interface adapter 108 and displayadapter 112. It should be appreciate that the components of the systemas described are for illustration purposes only. Features and functionsas described may be omitted, integrated, or distributed as desired andas required to suit a particular application.

Embodiments provided herein are directed to apparatuses, systems, andmethods for making and fulfilling requests for services or morespecifically permitting instant access to a building space 22. In someembodiments, the request for services, (herein after simply a request),and notifications and authorizations may be communicated over one ormore lines, connections, or networks, such as network 28. The requestmay be initiated by the user device 25 and app 29 when the user holdsthe user device 25 close to a door lock 32 and reads a unique NFC tag 40embedded in the door lock 32. Or the request may be initiated by readinga unique id transmitted over Bluetooth from the door lock 25. Once theapp 29 has identified the unique identifier of the door lock 32, therequester 14 can initiate a request for access to the door lock 32 fromthe person that is the current owner or controller of the door lock 32.The request is made and transmitted through the network 28 to a cloudenvironment 26 or controller 24, and the like. The request may beinitiated by a mobile device controlled by and/or associated with auser, e.g., user device 25 in a passive or active manner. In someembodiments, the user device 25 may be operative in conjunction with aTransmission Control Protocol (TCP) and/or a User Datagram Protocol(UDP). In some embodiments, a request may be authenticated or validatedbased on a location and/or identification of the user device 25. Forexample if the user device 25 has been registered and preauthorized.

Moreover, in some embodiments, a request may be fulfilled in accordancewith one or more profiles, such as one or more user or mobile deviceprofiles. In some embodiments the profiles may be registered as part ofa registration process as part of the installation and execution theapplication 29 on the user device 25. As noted previously, thecontroller 24 may be associated with a building system (e.g., buildingsystem 20). The controller 24 and/or the cloud computing environment 26may be used to execute the methodology described herein includingcommunications between various devices As stated earlier, one or more ofthe user devices 25 may be associated with (e.g., owned by) a particularuser. For example, a guest 14 with a user device 25, 25′ may requestservice in an affirmative or active manner. The guest 14 may enter arequest by tapping a NFC tag 40 as described herein or using an I/Ointerface of the user device 25, as described herein. That is, in someembodiments, an application, (app) 29, or other program may be installedand operated on the user device 25, 25′ wherein the user and/or guest 14may interact with the app 29 or program to initiate or facilitate arequest.

Referring once again to FIG. 1, in operation, in an embodiment, a guest,family member, or service provider 14 hereinafter referred to as a guest14 for simplicity, seeking access to the building space 22 approachesthe door 30 associated with the specific building space 22 to whichaccess is desired. The guest 14, also having the app 29 associated withthe building system 20 installed on their user device 25′ instead ofneeding to stop at the front desk of the hotel (if there is one) orknock at a the door 30, approaches the door and employs their userdevice 25′ to tap or detect an NFC tag 40 present at the door 30 or lock32 as depicted by line 42. The app 29 executing on the user device 25′of the guest 14 notes the detected NFC tag 40 and initiates a request tothe controller 24 or server associated with the building system 20 asdepicted by line 43. After the guest taps the NFC tag 40, the guest userdevice 25′ with app 29 includes with the request 43 at least one of anidentifier of the user with an guest identifier description, picture,voice memo, or with details identifying why the guest is requestingaccess. The guest identifier information may be auto-populated by theapp 29 on the guest user device 25′. In an embodiment, each buildingspace 22 of the building system 20 may include an NFC tag 40 having aunique ID that is mapped to the building space 22 for a given location.The mapping is registered in controller 24, server, or a cloud computingservice 26. By tapping the tag 40 and reading the unique ID, thebuilding system 20 identifies the door 30 at which the request foraccess is being made. It should be appreciated that while the locationof the tag is described with respect to the tag 40 being located at adoor 30 or lock 32, NFC tag 40 identity belongs to a building space 22,e.g., a room, and therefore, the location of the tag 40 can be anywhere.For example the tag 40 can be on door sign, door 30, lock 32, buildingmap located on the wall and face-plate with the room name on wall within building system 20 e.g., hotel. In fact, in some embodiments, e.g.,for outside service providers and the like, the tags 40 may be locatedat a wall map away from the building space 22, e.g., at a front desk, orentry to include access to any intervening doors 30, elevators, and thelike.

Continuing with FIG. 1, the controller 24, server, or a cloud computingservice 26 employing the information communicated with the requestidentifies the user 12 associated with the specific building space 22associated with the space 22 at which the request was initiated. Anotification and request for authorization is presented to the user 12for permission to access the specific building space employed by theuser 12 as shown by line 44. When a user 12 receives the request, theapp 29 on the user device 25 prompts the user 12 to provide accessauthorization to permit access to the building space 22 associated withthe user 12. In an embodiment, the authorizations may be a broad e.g.,yes/no type of access as might be permitted to a family member, or theauthorization could be more limited or constrained by the user 12. Forexample, in an embodiment, the authorization may be limited in to ashort duration, e.g., one day, a number of hours for visitors or guests,or even just a number of minutes. For example, when the guest 14 is adelivery person, authorization might be limited to five minutes, onetime, and the like. It should be appreciated that the authorizations mayalso be constrained by the operator or owner of the building andbuilding system 20. For example, in a hotel environment, theauthorizations permitted may be limited based on the permissionscurrently available to the user. A guest 14 need not be granted accessauthorization that extends in duration beyond the scheduled stay of auser 12. Moreover, for security concerns, it may be desirable to limitthe potential authorizations that can be granted by users 12. Forexample, not permitting guest access to particular locations. Moreover,if the guest 14 is a family member and is executing the app 29 it may bedesirable to limit access authorizations to select building spaces 22and the like. For example, in an embodiment, it may be desirable tolimit access to a building space based on the age of the guest, and thelike or prevent access to select areas such as the pool, or lounge.

Continuing with FIG. 1, as depicted by line 45, the authorizationsprovided by the user 12 are communicated to the controller 24 or cloudcomputing environment 26. In an embodiment, the authorizationsidentified by the user are stored in the controller 24 and/or a cloudcomputing service 26 associated with the building system. When a user 12travels to a different local, and is present at a different buildingspace 22, the selections previously established can besynced/transmitted with mobile app 29 on the user device 25 andpresented as defaults along with a new request from guest 14. This willpermit the user 12 to review and modify as desired as well as beprovided additional localized information associated with the buildingspace 22, as well as any potential additions. As depicted by line 45,once authorized, the controller 24 or cloud computing environment 26associated with the building system 20 transmits a credential to theuser device 25′ of the guest 14. The app 29 executing on the user device25′ of the guest 14 receives the credential and as depicted at line 47,employs the credential to access the lock 32 as is accomplished inconventional access control systems. Optionally, a notification may thenbe provided to the user device 25 of the user 12 to indicate that theaccess has been provided. It should be appreciated that while theembodiments as described herein make reference to the user 12 being inthe building space 22 to which a guest 14 has requested access, itshould be appreciated that this is not necessary, the user could beabsent or remote. The only requirement would be for the controller 24 orserver and cloud computing environment 26 be able to communicate thenotification as depicted with respect to line 44 and receive theauthorization as depicted with respect to line 45.

Continuing with FIG. 1, and turning now to FIG. 4, for a description ofthe methodology of requesting and providing access to a building space22 in accordance with an embodiment. FIG. 4 is a flowchart depicting anexample high level method 400 for requesting and providing access to abuilding space 22 in accordance with an embodiment. In an embodiment,the method initializes with receiving a request for access to thebuilding space 22 by a guest 14 as depicted at process step 410 andshown by line 43 wherein the request includes a unique identifier. Asdescribed earlier, the request may be made by a guest 14 tapping a NFCtag 40 at an access point, e.g., a door 30. In an embodiment, the NFCtag 40 has a unique identifier that is recognizable by a controller 24or cloud computing environment 26 in a building system 20. In anembodiment the unique identifier maps to a particular door 30 or accesspoint 32 associated with a specific building space 22 in the buildingsystem 20. In an embodiment, the unique identifiers and mappingassociated with building spaces 22 in the building system 20 are storedin controller 24 or the cloud computing environment 26. In anotherembodiment, the preferences could be passed from the cloud computingenvironment 26 to another cloud computing environment 26, or to thecontroller 24 as described herein.

Continuing with FIG. 4 and the method 400, at process step 420 themethod 400 includes transmitting a notification of the request foraccess to a selected building space 22 associated with a user 12 to theuser device 25 of that user 12 as shown by line 44. In an embodiment,the app 29 on the user device 25 may be configured to communicate withthe controller 24 associated with the building system 20 or the cloudcomputing environment 26 to receive the notification and a request toprovide an authorization for access to the identified building space 22.In one embodiment the controller 24 is a controllable device 14 a-14 e(FIG. 2) for the building system 20 and the access is via a localcommunication interface 28. In another embodiment the controller 24 is aserver or cloud computing network 26 as described earlier. The app 29operating on the user device 25 may communicate with the controller 24and/or the cloud computing environment 26 to provide such authorization.In an embodiment, the authorization may be through another computingdevice 14 a-e such associated with another building system such as aroom lock. It will be appreciated that a user device 25 executing theapp 29 associated with the building system 20 may include suchauthorization to ensure identification of the user and user device 25.In some embodiments the authorization includes a permission associatedwith the request for access (whether physical or via communications) tothe building system 20 by transmission and presentation of a form ofcredential. For example, via the app on the user device 25′ where theuser device 25′ is preregistered with the building system 20. Such arequest may be via an app on the user device 25′, or the cloud computingenvironment 26 associated with the building system 20. In someembodiments, the authorizing as depicted at line 45, includes validatingthe request for access for a guest 14 and providing access or anauthorization for the communication. In another embodiment theauthorizing includes a validation of the request for access andproviding a token to facilitate further authenticated communications. Insome embodiments the authorization and/or token is provided to the userdevice 25′, in other embodiments the authorization/token is provided toa component of the first building system 20. In some embodiments, othertechniques could be employed for authentication. For example, biometricsmay be employed as a means of authenticating the guest 14 to thebuilding space 20. This could be done by a thumbprint reading on thesensor on the user device 25′ relayed to the cloud computing environment26 or a sensor (not shown) receiving a biometric associated with acredential shared, i.e., a biometric profile or reference to a profile).The biometric could be a thumbprint or a picture of a person taken by acamera (phone's camera or other) or a voice recognition, and the like.

In some embodiments the request 43 in step 410 may include a guest'sbiometric (voice, face, thumbprint) as an example credential presentedwith the request. In an embodiment the guest's biometric is retrieved bythe user device 25′ and is validated before sending the request andnotification to the user 12 for review and authorization. For example apicture for thumbprint verified for access to the user device 25′. Inanother embodiment a guest's biometric is retrieved by the user device25′ and is sent along with the request and credential and isvalidated/authenticated by the building system 20. For example, thebiometric could be a picture that is sent with the request, the pictureis then observed or compared to a picture on file for the part of theauthentication or is observed by the user 12 as part of notifying a userand requesting authorization in step 420. Finally, in anotherembodiment, the biometric as a credential is sent along with the requestto the building system 20 which then utilizes a biometric device (notshown) to read a biometric and validate that the requester e.g., guest14 is authentic.

Further, the method 400, may complete after process step 410 and beforeprocess step 420 in a special condition where the guest 14 already hasaccess rights to the door 30 with a door lock 32 that is identified bythe request 43. Determining this special condition is performed by oneof the controller 24 associated with the building system 20 or the cloudcomputing environment 26. In this special case, the message 46 back tothe guest device 25′ would include the credential already granted prioras well as an indication that the guest 14 already has permissions toopen the room lock 32 and did not need to notify a request from the roomowner 12 again.

Continuing with FIGS. 1 & 4 and the method 400, at process step 430 themethod 400 includes the user reviewing the request for access andelecting the authorization to provide as depicted by line 45. In anembodiment the authorization could be to permit access or not, and topermit the access with additional constraints. The authorization is thentransmitted to the controller 24 or cloud computing environment 26 usingthe communications network to the controller 24 where the particularaccess associated with the particular tag 40 was requested as depictedat process step 440. In another embodiment, the authorization istransmitted to the user device 25′. The authorization may include afurther authentication such as a password, token and the like to permitfurther communication and acceptance with another controller 24 or inparticular a lock 32 as depicted at process step 440. At process step450 the guest 14 presents the credential with the authentication e.g.password, token, and the like to the lock 32. The lock 32 when presentedwith a valid credential, accepts the credential and unlocks the lock 32to permit access to the guest. Optionally, a notification may beprovided to the user 12 via the user device 25. Notifications mayinclude, but not be limited to an acknowledgement of the authenticationand/or that the access has been provided. Moreover, a notification thatthe building space has actually been accessed, and the like.

The technical effects and benefits of embodiments relate to a method andsystem for permitting a guest access to a building space 22 in abuilding system 20. In one instance the building system 20 may be ahotel where a user is a patron. In addition, the guest has a smartdevice, e.g., mobile phone, has an app operating for interfacing to oneor more systems in the hotel for example lock access. For example an appassociated with verifying the guest and enabling access to thehospitality space. In operation, as part of the guest attempting to gainentry to a secured space in the hotel, the user is notified of a requestfrom the guest and provides authentication with the user's mobile deviceby sending authorization to the hotel credentialing app and/or cloudenvironment. The authorization may typically be for a selected durationsuch as for just a few minutes, or from check-in to check-out for thepatron. Connectivity is either through cloud or peer-to-peer.Advantageously these features will attract the customers towardsspecific hotels and facilities where these features are available, thusfostering brand loyalty.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of scope and breadthof the claims. As used herein, the singular forms “a”, “an” and “the”are intended to include the plural forms as well, unless the contextclearly indicates otherwise. It will be further understood that theterms “comprises” and/or “comprising,” when used in this specification,specify the presence of stated features, integers, steps, operations,elements, and/or components, but do not preclude the presence oraddition of one more other features, integers, steps, operations,element components, and/or groups thereof.

The corresponding structures, materials, acts, and equivalents of allmeans or step plus function elements in the claims below are intended toinclude any structure, material, or act for performing the function incombination with other claimed elements as specifically claimed. Thedescription of the embodiments has been presented for purposes ofillustration and description, but is not intended to be exhaustive orlimited to the described embodiments in the form disclosed. Manymodifications and variations will be apparent to those of ordinary skillin the art without departing from the scope and spirit of the claims.The embodiments have been chosen and described in order to best explainthe principles of the inventive concept and the practical application,and to enable others of ordinary skill in the art to understand thescope and breadth of the claims and the various embodiments with variousmodifications as are suited to the particular use contemplated.

What is claimed is:
 1. A method of extending a user's access controlpermissions to a guest in a building space in a building system havingan access control system, the access control system including at leastone of a cloud computing environment associated with the building systemand a control device associated with the building system executing themethod, the method comprising: receiving a request for access to abuilding space at a first user device, the requested initiated at asecond user device by the guest seeking access to the building space inthe building system, wherein the building space is at least a portion ofthe building system, the request associated with providing the guestaccess to the building space in the building system, the requestincluding a unique identifier associated with the building space;notifying a user associated with at least the building space of therequest and requesting an authorization from the user to provide theaccess to the building space, wherein the user is an individual havingan existing set of granted access control permissions associated with atleast the building space in the building system; receiving anauthorization from the user associated with permitting the guest accessto the building space associated with the request and the uniqueidentifier; transmitting the authorization to the guest, theauthorization including a credential configured to provide access to thebuilding space, the credential stored on the second user device; andpermitting the guest access to the building space associated with therequest and the unique identifier based on the authorization and thecredential being presented at the building space.
 2. The method of claim1, further including communicating with an app executing on the firstuser device configured to permit the user to preselect desired accessrights associated with at least one of a guest and the building space.3. The method of claim 1, further including communicating with an appexecuting on the second user device configured to permit a guest tocommunicate credential information with the request.
 4. The method ofclaim 3, wherein the request is made by communicating from acommunication device to the second user device.
 5. The method of claim4, wherein the communicating includes the unique identifier for thecommunication device associated with the building space.
 6. The methodof claim 4, wherein the communication device is a Near FieldCommunication (NFC) device.
 7. The method of claim 1, wherein thenotifying includes the at least one of the cloud computing environmentassociated with the building system and the control device associatedwith the building system, communicating with a least the first userdevice, the communicating including identification of at least one ofthe guest and the building space.
 8. The method of claim 1, wherein theauthorization includes constraints on access permissions of the guest.9. The method of claim 8, wherein the constraints are based on at leastone of the input of the user and the constraints on the user from thebuilding system.
 10. The method of claim 1, wherein the building systemis a hotel and the building space is an access controlled space in thehotel.
 11. The method of claim 1, further including providing anotification to the user via the user device regarding the access of theguest to the building space.
 12. The method of claim 1, wherein thereceiving a request includes a communication device communicating withat least one of a cloud computing environment associated with thebuilding system, a control device associated with the building system,and the second user device of the guest, the communicating including theunique identifier and information associated with the building space inthe building system, and wherein the building system employs the uniqueidentifier to identify the building space to which access is desired.13. The method of claim 1 wherein the credential includes at least oneof an identification of the guest an identification of the second userdevice of the guest, an identification of the control device associatedwith the building space in the building system, a biometric, and apassword.
 14. The method of claim 1, wherein the authorization furtherincludes at least one of a cloud computing environment and a controldevice associated with the building system authenticating the credentialand communicating an indicia of authentication to the user device of theguest.
 15. The method of claim 14, wherein the indicia of authenticationis at least one of a message, a token, a digital certificate, and apassword.
 16. The method of claim 14 wherein the authenticating includesvalidating a biometric.
 17. The method of claim 1, wherein the cloudcomputing environment and controller associated with the building systemincludes a local server.
 18. The method of claim 1, wherein the buildingsystem is at least one of a security system, access control system, anda vehicle and the control device is a lock.
 19. The method of claim 1,wherein the permitting access to the building space includescommunicating information associated with the authentication to acontroller associated with the building space in the building system.20. The method of claim 19, wherein the information associated with theauthentication includes permissions associated with the permitting, thepermissions including at least one of a duration associated with thepermitting control, limitations on controllable features of the controlof the selected controllable device, and operational parameters of thesecond building system to be controlled.
 21. A system for permittingguest access to a building space in a building system, the systemcomprising: a building system having a building space associatedtherewith, the building system includes at least one of a controllerassociated with the building system and a cloud computing environmentassociated with the building system; at least one communication devicein operable communication with a second user device of a guest, the atleast one communication device associated with a unique identifier;wherein the building system includes an application configured to beexecuted on a first user device in operable communication with the atleast one of the controller associated with the building system and thecloud computing environment associated with the building system, thefirst user device executing the application facilitating authorizingaccess to a selected building space in the building system andconfigured to communicate a request for access initiated by the guestseeking access to the building space in the building system, wherein thebuilding space is at least a portion of the building system to the atleast one of the controller associated with the building system and thecloud computing environment associated with the building system; whereinthe at least one of the controller associated with the building systemand the cloud computing environment associated with the building systemare configured to execute a method of providing guest access to abuilding space, the method comprising: notifying a user associated withat least the building space of the request and requesting anauthorization from the user to provide the access to the building space,wherein the user is an individual having an existing set of grantedaccess control permissions associated with at least the building spacein the building system; receiving an authorization from the userassociated with permitting the guest access to the building spaceassociated with the request and the unique identifier; transmitting theauthorization to the guest, the authorization including a credentialconfigured to provide access to the building space, the credentialstored on the second user device; and permitting the guest access to thebuilding space associated with the request and the unique identifierbased on the authorization and the credential being presented at thebuilding space.
 22. The method of claim 1, wherein the second use deviceobtains the unique identifier associated with the building space atleast one of NFC, a BTLE beacon, and GPS coordinates.